Generally, when a user accesses application data over the Internet or on a computer, it is possible for the user to access the data after verifying whether the user is the correct person capable of accessing the data and whether the user has authority to access the data. In this case, the verification of whether the user is a correct person capable of accessing the data is referred to as ‘authentication,’ and the verification of whether the user has authority to access the data is referred to as ‘authorization.’
When the data which a user desires to access is important information, the data is stored after being encrypted, or is provided to the user after being encrypted when the data is provided to the user. In recent times, when a charged video service is provided over the Internet, the data is encrypted, and a key used to decrypt the data is provided to the service user, thus allowing only an authorized user to access the data.
Further, a data provider easily processes access control management by setting the concept of ‘role’ when managing users. This processing is referred to as ‘role-based access control’. In the configuration of an actual organization, there are the concepts of hierarchy between roles and of an implicative relationship in which roles include other roles, and thus roles must be hierarchically configured to reflect such relationships.
In an environment in which a plurality of users receives data streams over the Internet as in the case of the above charged video service, a service provision server transmits data after encrypting the data, and separately provides keys required to decrypt the encrypted data to service users. Research into methods of efficiently providing keys to users, that is, efficient group key management methods, has been conducted for a long time. The core of this research is related to a method of efficiently providing updated keys to users in the cases where, when a user who newly requests subscription to a relevant service or when a user who withdraws from the service appears, keys required to encrypt and decrypt data must be updated.
The reason for updating keys when a user newly requests subscription to a service is that after a new subscriber illegally downloads previous data, he or she can decrypt the previously downloaded data using a key downloaded after subscribing to the service. Further, the reason for updating keys when a subscriber withdraws from the service is that, even after withdrawing from the service, the subscriber can illegally download data and can decrypt the data using a key kept in the subscriber.
Meanwhile, research into most group key management methods has been conducted in consideration of only the same access control for the provision of one type of data stream. However, a data provider provides various types of data streams as well as one type of data stream and is capable of assigning various memberships to individual users. For example, a data streaming service provider provides various types of data streams such as those related to news, sports, movies, entertainment, and economy, and may provide relevant services in such a way as to classify user memberships into premium, gold, silver and regular service levels. Such a service provider provides data streams after encrypting the data streams using their unique keys, and provides keys required to decrypt the data streams to users depending on membership levels assigned to the users. Research into the efficient solution of this process is called ‘hierarchical access control’.
In a conventional access control scheme operated as described above, when a user who newly requests subscription to a service and or withdraws from the service appears, keys required to encrypt and decrypt data must be updated and provided to users. However, since the updated keys must be provided to even users who do not use the service, the unnecessary distribution of keys occurs, and thus the unnecessary consumption of network resources occurs.